package com.up.upzl.filter;

import java.io.IOException;
import java.util.ArrayList;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import utils.JwtUtil;

public class JWTAuthenticationFilter extends BasicAuthenticationFilter  {

	public JWTAuthenticationFilter(AuthenticationManager authenticationManager) {
		super(authenticationManager);
	}

	
	 @Override  
	    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {  
	        String header = request.getHeader("Authorization");  
	  
	        if (header == null || !header.startsWith("Bearer ")) {  
	            chain.doFilter(request, response);  
	            return;  
	        }  
	  
	        UsernamePasswordAuthenticationToken authentication = getAuthentication(request);  
	  
	        SecurityContextHolder.getContext().setAuthentication(authentication);  
	        chain.doFilter(request, response);  
	  
	    }  
	  
	    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) {  
	        String token = request.getHeader("Authorization");  
	        if (token != null) {  
	            String user = JwtUtil.getSub(JwtUtil.getSub(token));
	            if (StringUtils.isEmpty(user)) {  
	                return new UsernamePasswordAuthenticationToken(user, null, new ArrayList<>());  
	            }  
	            return null;  
	        }  
	        return null;  
	    }  	
	
}
